HP (Hewlett-Packard) FIPS 140-2 Computer Drive User Manual


 
Security Policy, version 1.0 January 31, 2008
HP StorageWorks Secure Key Manager
© 2008 Hewlett-Packard Company
This document may be freely reproduced in its original entirety.
Table of Contents
1 INTRODUCTION
1.1 PURPOSE
1.2 REFERENCES
2 HP STORAGEWORKS SECURE KEY MANAGER
2.1 OVERVIEW
2.2 CRYPTOGRAPHIC MODULE SPECIFICATION
2.3 MODULE INTERFACES
2.4 ROLES, SERVICES, AND AUTHENTICATION
2.4.1 Crypto Officer Role
2.4.2 User Role
2.4.3 HP User Role
2.4.4 Cluster Member Role
2.4.5 Authentication
2.4.6 Unauthenticated Services
2.5 PHYSICAL SECURITY
2.6 OPERATIONAL ENVIRONMENT
2.7 CRYPTOGRAPHIC KEY MANAGEMENT
2.7.1 Keys and CSPs
2.7.2 Key Generation
2.7.3 Key/CSP Zeroization
2.8 SELF-TESTS
2.9 MITIGATION OF OTHER ATTACKS
3 SECURE OPERATION
3.1 INITIAL SETUP
3.2 INITIALIZATION AND CONFIGURATION
3.2.1 First-Time Initialization
3.2.2 FIPS Mode Configuration
3.3 PHYSICAL SECURITY ASSURANCE
3.4 KEY AND CSP ZEROIZATION
3.5 ERROR STATE
ACRONYMS